weford.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://weford.com/reactivate/verif.php
Submission: On August 16 via automatic, source openphish (August 16th 2022, 1:11:22 am UTC) — Scanned from NL

Summary HTTP 24 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is weford.com.

This is the only time weford.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
2 23	2a06:98c1:312... 2a06:98c1:3120::c		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.34 65.9.66.34		16509 (AMAZON-02) (AMAZON-02)
24	3

23 2a06:98c1:3120::c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

weford.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	weford.com 2 redirects weford.com	249 KB
1	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2503	604 B
24	2

	Domain	Requested by
23	weford.com	2 redirects weford.com
1	nexus.ensighten.com	weford.com
24	2

This site contains links to these domains. Also see Links.

Domain
www.mtb.com
onlinebanking.mtb.com
calcareous-sexes.000webhostapp.com
www.000webhost.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://weford.com/reactivate/verif.php
Frame ID: 7CD58D438888F1F5EF985C8AF304CBBF
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Confirm Online Details - Verify Account | M&T Bank

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

247 kB
Transfer

760 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mtb.com/home-page

Search URL Search Domain Scan URL

URL: https://onlinebanking.mtb.com/
Title: Exit

Search URL Search Domain Scan URL

URL: https://calcareous-sexes.000webhostapp.com/m&tb/data/details.html
Title: T969368233604321e969368233604321r969368233604321m969368233604321s o969368233604321f U969368233604321s969368233604321e

Search URL Search Domain Scan URL

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_medium=website&utm_content=footer_img

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://weford.com/assets/fonts/mandtbaltoweb-book.woff HTTP 301
https://weford.com/assets/fonts/mandtbaltoweb-book.woff

Request Chain 8

http://weford.com/assets/fonts/mandtbaltoweb-medium.woff HTTP 301
https://weford.com/assets/fonts/mandtbaltoweb-medium.woff

Request Chain 10

http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/formInputValidations.js.download HTTP 301
https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/formInputValidations.js.download

Request Chain 12

http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/errorMsg.js.download HTTP 301
https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/errorMsg.js.download

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request verif.php Show response
weford.com/reactivate/ 28 KB
5 KB 557ms
286ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/verif.php
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf0b6123dc20d15f0465dd3e0396dbd07084842d6c677797a843c540cf2649a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 73b64b8509e3b912-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 16 Aug 2022 01:11:16 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFTf4owv3l8L6pXfuw5bauaB6yIWq2evbUc3dC%2BJyw%2BOr4yq1tnosvOgxptTVdbMGDifigl62e9JsCwFmPzA9I4kggsaK%2FAMPDOjZwz5cqRen64YT8n1NmkvhACIuIcmUzSKakfB24ms"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK foundation-all.css
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 158 KB
20 KB 278ms
277ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/foundation-all.css
Requested by: Host: weford.com
URL: http://weford.com/reactivate/verif.php
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1561dd020e51568f135c0e64d38c48055e7647b695c57411029705bb186d8090

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished: status=cannot_optimize
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgwxhHnlpu0BPVeRMsigVOBy6jms2A%2FXgNm07D0lbCoWyoqR%2BvMwO7vzj%2BNqCJ9g1a4mLIRhS1wfwuyD%2BWYGSrApK%2F22lzBd%2BGrkl9QEpyYtjHkuQuFBo%2FZrh36F2%2FN5vKssnjLEPuZO"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 73b64b86dbb6b912-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify

GET
H/1.1 200
OK mtb.css
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 47 KB
10 KB 289ms
289ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/mtb.css
Requested by: Host: weford.com
URL: http://weford.com/reactivate/verif.php
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f4eff882aa0a83b27bd9c2e01b32ad17d8d15d1a9e14f2b9fe7a3649c7fa05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AhGKs7p84amnHKqP6Zt0NziESlEs7Mvf%2B0LreOjAfp0El5kd%2FyyVZ%2FtBrxZnfa0hIaeZg%2BNfruBOyOZN51pC78mD3L1WiUkd12kCsqemkH7eoGnZnJw84Qmmjl9CyxEeVzpaiGStGSR"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b86d900b8af-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9038

GET
H/1.1 200
OK mtb-logo.svg
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 2 KB
2 KB 307ms
282ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/mtb-logo.svg
Requested by: Host: weford.com
URL: http://weford.com/reactivate/verif.php
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djlQkWxV37hkrF3zYw1gCInVVBCGIESKQ9cQOqEpizHfII4f1qzEdSViFADKdm7AsAHk%2B8caXRTnYvHxb5eScJ3TjUWYLyLdbigd9yDgECKU%2FL0TPCyTNO3zeqxyfklKGNQqkVqtuAhj"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b87280db81b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1053

GET
H/1.1 200
OK mtb-equalhousinglender.svg
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 230 B
907 B 308ms
283ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/mtb-equalhousinglender.svg
Requested by: Host: weford.com
URL: http://weford.com/reactivate/verif.php
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OYTJoUCZCDUt3gKl1sH8Sm3wuUwXorrAC8qf437pbmZWvv7jyTsW7uBJEZoC967LHta%2Bh3CUnHoXe8wf8EahuAN8pehKJBwR2%2FMJrdVLVMT5wly%2FjKB3mtt0W62TsQEKEu1GqSHYks6"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b872f39009b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 193

GET
H/1.1 200
OK mtb-entrust.svg
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 1 KB
1 KB 306ms
282ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/mtb-entrust.svg
Requested by: Host: weford.com
URL: http://weford.com/reactivate/verif.php
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1GjHzvEzoPzbPUkASa8PtTQiJhoNxq7nWGKSH1k4nqxxyqnwNpSFN%2Fau9HFD9BnvZAC4brUjZTejLGpy4P637Cq7Swx8KtVClhokrqC8UAX9wHbuxvh8k5AZOn5XTKuIVjNCkKvrh4F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b872b53b7c7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 712

GET
H/1.1 200
OK footer-powered-by-000webhost-white2.webp
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 2 KB
2 KB 308ms
283ms Image
image/webp 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/footer-powered-by-000webhost-white2.webp
Requested by: Host: weford.com
URL: http://weford.com/reactivate/verif.php
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBRpJ3yBdE8VNZ7UlmPRIfsPo2AJJms47neLSJ%2BO%2FmiYlZvpWvScQBc7kTg%2BNIEXo7LT2qZ5ZkG8IIvWNwA%2FY%2FBfyWKgcFH9%2FPkQxsumI%2F6VlYx0eoOI3txLszYHefQSMyMU2dtdd2HS"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b872f3db76a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1719

GET
H/1.1 200
OK rocket-loader.min.js Show response
weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 29ms
28ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: weford.com
URL: http://weford.com/reactivate/verif.php

Protocol

HTTP/1.1

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 09 Aug 2022 17:04:07 GMT
Server: cloudflare
ETag: W/"62f29387-302c"
X-Frame-Options: DENY
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCwkfHjre8WQgWWqqN2xwJN6DPUWogDTjuuRMtF2szWs4RpOqSKOjPbtFCIWizeiWg4aDBGxZA6MF7ovUZpsupq31cdY4K9tG8fx%2Fc8TzO4oBky%2BRlb3sdeMXENfcOMhgYWbo%2BiuQeoN"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800, public
CF-RAY: 73b64b889e59b912-AMS
Expires: Thu, 18 Aug 2022 01:11:16 GMT

GET

mandtbaltoweb-book.woff
weford.com/assets/fonts/
Redirect Chain

http://weford.com/assets/fonts/mandtbaltoweb-book.woff
https://weford.com/assets/fonts/mandtbaltoweb-book.woff

0
0

GET

mandtbaltoweb-medium.woff
weford.com/assets/fonts/
Redirect Chain

http://weford.com/assets/fonts/mandtbaltoweb-medium.woff
https://weford.com/assets/fonts/mandtbaltoweb-medium.woff

0
0

GET
H/1.1 200
OK enrollment.js.download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 43 KB
11 KB 297ms
284ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/enrollment.js.download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2fd75f2108f81f0dc5f2165197fb7305085c2983b36062d25afb5da7c4f190b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhvGB82LZkOil5ZLfBzOqw0LpQhvrYB3noM6PKnLs4aaYtezQFh5hzqNzg0qTs1wWiTNTJ7MorvhBHVPEX41bcGuuZhiJR71JyeRX9FWQIEAzmmVQIm1xbEBN%2FJrq3w02dWpad8NgLSo"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b88e94bb81b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 10908

GET
H2

404

formInputValidations.js.download
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/
Redirect Chain

http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/formInputValidations.js.download
https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/formInputValidations.js.download

0
0

1183ms
1125ms

Script
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/formInputValidations.js.download
Requested by: Host: weford.com
URL: http://weford.com/reactivate/verif.php
Protocol: H2
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

cf-edge-cache: cache,platform=wordpress
Date: Tue, 16 Aug 2022 01:11:17 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-WP-CF-Super-Cache: cache
X-Redirect-By: WordPress
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-WP-CF-Super-Cache-Cookies-Bypass: swfpc-feature-not-enabled
Server: cloudflare
Vary: User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PcoQGCwZyfPw8mbGT71BgzFu0ZMvh%2B6n%2FguYdd9eLzbkLRgib46zk13IeHCTifpfs3kdMmgdevM0AG4pLyd6o%2B06Rxwy%2BojsF3XWDPjeAMtxeL7CjpiqugX3y%2BP6n1SW6Vz7bYJpKf4"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Location: https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/formInputValidations.js.download
X-WP-CF-Super-Cache-Cache-Control: s-maxage=31536000, max-age=60
X-WP-CF-Super-Cache-Active: 1
CF-RAY: 73b64b88ecadb7c7-AMS

GET
H/1.1 200
OK mtb-app.js.download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 2 KB
2 KB 165ms
152ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/mtb-app.js.download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d20a0079750e45abe7ab6e246703d1666ba7065e62a0767b16735684f16702e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwG5Smyb8OjRk9bgEEkgTUn7FMUkvnOaOjT0uA%2BRGr%2BETx1DUrK0YW2CZztc57MtdibS5qWvG1OpRfJwEUhwznNoeb1%2FF71W8bbt78edw0n5PpvGfO77jole%2B0XGlPmlrH6UQX43VcNG"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b88e8d3009b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 838

GET
H2

404

errorMsg.js.download
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/
Redirect Chain

http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/errorMsg.js.download
https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/errorMsg.js.download

0
0

1139ms
1138ms

Script
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/errorMsg.js.download
Requested by: Host: weford.com
URL: http://weford.com/reactivate/verif.php
Protocol: H2
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

cf-edge-cache: cache,platform=wordpress
Date: Tue, 16 Aug 2022 01:11:17 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-WP-CF-Super-Cache: cache
X-Redirect-By: WordPress
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-WP-CF-Super-Cache-Cookies-Bypass: swfpc-feature-not-enabled
Server: cloudflare
Vary: User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QV5u%2FtLNKm%2FUJJyU7XBc4JLRfhzqKZGnScJb89TalSn3W%2FIzx4jkHqkKh%2Fd1fs1xT%2FEWgkQRNVTt4qXKlyGGcmNokHUeh2CHNdGhkbY5L7YTG9BKySflG9TbAwbOLviy3HhL05tZIeqd"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Location: https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/errorMsg.js.download
X-WP-CF-Super-Cache-Cache-Control: s-maxage=31536000, max-age=60
X-WP-CF-Super-Cache-Active: 1
CF-RAY: 73b64b88f8e6b76a-AMS

GET
H/1.1 200
OK Bootstrap.js.download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 52 KB
20 KB 321ms
156ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/Bootstrap.js.download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb5cd10a64742b3616a5b9c0cb470127edb286231f57008ee3150bb54251695

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:16 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPcYxBYA1hThBYnOIEtcPkEwa6MsJWfNwF5dMTVEdBpmKvJf8uPhDUfzABudh4azVefB9H2qGVx3Yk4tnT3TFNb8M3u1SHQKf155zFXfXUCzbHFNAQeWykQ3cyvgN0a4g6Exxef8ezMK"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b89d9ab009b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK foundation.js.download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 174 KB
64 KB 455ms
159ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/foundation.js.download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ba8ec4721f57f16ecbc5217482bb06262356880d805adbcc6c72bbe6623272d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ND4MqXWFFQZIacWxw9QFtY5qZL8I7TG5xDrAd9PEep2NBr7Yz4rlxYJ3%2F%2F3xZ3NiVon%2Fxk0NkBcb1M0H%2BWotVnYE8HLH6KjjAdDlHkpe%2BCrnW6Gi7pJW60SN7CLULHhxfBu5gt9IO382"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b8aba46b81b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK jquery-3.3.1.js.download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 85 KB
38 KB 592ms
157ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/jquery-3.3.1.js.download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmyXJdO4kFjofaV2nNtFbnscDAkQFGxvoG9Sbgb4LBuIyYpbDt7Mx817vtO9gRHDgKu%2BYXVv5qSzRBD8xFrFSH7%2FjAk8HvskiDxjtWSoSiGrhq0lVKpqBDnMKcMY%2F0F0gATBBHX5DDbM"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b8b9a9a009b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK serverComponent(1).php Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 402 B
957 B 743ms
166ms Script
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/serverComponent(1).php
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946b0d2f109d2189105070fbb175fa78e00582d6c68413fdc05ae938060162b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRGaEzgL%2FsHXtVKHVMiC03lKmCJg5PodEkH9Sd%2BgvE0Nn9ZZpnPz8YTrpz3l0Dtga2%2F6243P7RxZ9zulUEOyFsxU73Dd0iYvxEKXrbOTztliqxCXOMBhOyfJSCCAlHT4So3IvF9nJkKg"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 73b64b8c7b3db81b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK b9ce03ceb3f06b3602497b84c93c31ac.js(1).download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 8 KB
3 KB 860ms
154ms Script
text/plain 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/b9ce03ceb3f06b3602497b84c93c31ac.js(1).download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c7e2cc8c50ab082334a9d91a8e42018086791fe8170a050628db9c364467d1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Co2AOp0v4H8cCuGnlFwkxxZ6rLtj9MveLgkGLUifz4i8lLXJNINE%2BSonCmWwwiD%2F9hPCMs9V77LwKRtgGT%2BKlSfpErKj72YKnawY9pwLEWmK0tW7Huonia6HvRDnCf4532gbMmK%2FHSp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b8d4bc3009b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2307

GET
H/1.1 200
OK cb5c34a81d75be92b85a6e44769a7ea9.js(1).download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 69 KB
29 KB 883ms
162ms Script
text/plain 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/cb5c34a81d75be92b85a6e44769a7ea9.js(1).download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab8d923e60dceb37d3b0327383e0e81a84522dbb961df642d5b4bb62ead7a062

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoibB%2BAr%2BwbvDveMMKV0v%2BfxKkRRiUxxsofmkx%2Fh6hziUTl8Z0d0riHm5sLS82MU4KIht0V0d3X30r8ocKov1wlozjwULa6szsdP614hbi1OZK3%2FiO1vrSP3XZBAdoljzNGsDkq3g89i"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b8d5a02b7c7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK serverComponent.php Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 402 B
957 B 1017ms
295ms Script
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/serverComponent.php
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769863c01a0190c250b1528bc75a294a42641b8370661e8024055ae860eb7e30

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9UNVfgmLNLgMwNFPjEj58qLSB72X7YeRmHuXekVxdKQbr5quMSRxXqJgGsQ%2FTVZGeUqHCGwDkX17lHpA2DDf9K9T322ffvFa%2Fth7ebVIx6YX%2FdvSjzlq7fZpW9ubAuk91dhT5VzM7JJ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 73b64b8d59c3b8af-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK b9ce03ceb3f06b3602497b84c93c31ac.js.download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 8 KB
3 KB 886ms
159ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/b9ce03ceb3f06b3602497b84c93c31ac.js.download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c7e2cc8c50ab082334a9d91a8e42018086791fe8170a050628db9c364467d1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LvU4Hkh0ouJmtTGbAu3NETJyi28pN6MvgFXcWjRRJRVj3RZjm3HCfJYQMfwAqWLs3k7I%2BVecb%2BQe%2FsF4kqRj01parkI5sIgaZcfiPNo9bcuMi1chDMdZfpSDz8h5uD%2BGV36p3KzjkHd"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b8d6b87b912-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2307

GET
H/1.1 200
OK cb5c34a81d75be92b85a6e44769a7ea9.js.download Show response
weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/ 69 KB
29 KB 899ms
156ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/cb5c34a81d75be92b85a6e44769a7ea9.js.download
Requested by: Host: weford.com
URL: http://weford.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab8d923e60dceb37d3b0327383e0e81a84522dbb961df642d5b4bb62ead7a062

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/reactivate/verif.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Fri, 12 Aug 2022 11:13:40 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7c0wTSTMh2nR0dGFO03WTVxG2N1xb0VYChWLLlo2%2FN73BzIi0zeCbuGwOBoS2cKrN7Fb4jldgbzNJkqCk2%2BxLtkyTL1jcTEcBWb01FQpBeSrqHoqdN5wAtaiCvHwivVi9LG0pTOU99i5"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 73b64b8d7bd7b81b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK serverComponent.php Show response
nexus.ensighten.com/mtbank/OE-Dev/ 60 B
604 B 124ms
37ms Script
application/javascript 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://nexus.ensighten.com/mtbank/OE-Dev/serverComponent.php?r=887247.1543928515&ClientID=1512&PageID=http%3A%2F%2Fweford.com%2Freactivate%2Fverif.php
Requested by: Host: weford.com
URL: http://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/Bootstrap.js.download
Protocol: HTTP/1.1
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ad68c8c7e80948313b864c7f1f78556234fe7d5fc778337a7bf0db2efd0c7468

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://weford.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 01:11:18 GMT
Via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
Last-Modified: Thu, 05 Apr 2012 12:15:43 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-C1
ETag: "4f7d8cef-3c"
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60
X-Amz-Cf-Id: pu1vioA5PzOJcLDSkAb5-IsyYGnWhi9ySqv5auPJRdsOB2IoytAL2A==
Expires: Tue, 16 Aug 2022 01:11:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: weford.com
URL: https://weford.com/assets/fonts/mandtbaltoweb-book.woff

Domain: weford.com
URL: https://weford.com/assets/fonts/mandtbaltoweb-medium.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| __cfQR function| $ function| jQuery object| Foundation object| Box function| onImagesLoaded object| Keyboard object| MediaQuery object| Motion object| Nest function| Timer object| Triggers function| Abide function| Accordion function| AccordionMenu function| Drilldown function| Dropdown function| DropdownMenu function| Equalizer function| Interchange function| Magellan function| OffCanvas function| Orbit function| ResponsiveMenu function| ResponsiveToggle function| Reveal function| Slider function| SmoothScroll function| Sticky function| Tabs function| Toggler function| Tooltip function| ResponsiveAccordionTabs object| default object| CoreUtils object| ensBootstraps object| Bootstrapper object| regexKeys function| createEnsightenPageName function| getLabelText function| getBoolfromString function| windowClose object| rgxCompanyName object| rgxCardFormat object| rgxSSNFormat object| rgxTaxIdFormat object| rgxDobFormat object| rgxDob object| rgxName object| rgxNumbersOnly object| rgxEmail object| rgxisCard object| rgxisDebitCard object| rgxisCreditCard object| rgxPin object| rgxCvv object| rgNotNumsLettersOnly object| rgNotNumsOnly object| rgNotNumsSpaceOnly object| rgNotNumsDashOnly object| rgNotNumsSlashOnly object| rgWTSSOStart object| rgEmailAllow object| rgEmailBlockifNot object| rgxAlphaNumsOnly object| rgxCheckDateMMDDYYY number| timer undefined| exittimer boolean| changeFocusToAnswer object| validate function| startSessionTimer function| saveEditedAccount function| buildAddAccountItem function| addAdditionalAccount function| deleteAddedAccount function| clearAccountsHtml function| resetAddAccountForm function| buildAddBoxUifromAdditional function| LoadEditFormAddedAccount function| verifySaveAdditionalAccounts function| valideUniqueAnswers function| setEnrollmentTypeView function| setCardTypeInputFields function| checkForCardEnrollment function| resetCardForm function| isCardEnrollment function| setinputToProtected function| protectForm function| setinputToOpen function| validateDropDown function| validateAccountNumber function| validateSSN function| validateDob function| validateTaxid function| validateSecurityPin function| validateName function| validateCompanyName function| validateUserID function| validateConfirmPasscode function| validatePasscode function| validateEmailAddress function| validateSecurityAnswer function| validateSecurityQuestion function| validateAccountType function| validateAddedAccounts function| verifyEnrolleeTypeForm function| verifyEnrollmentTypeForm function| verifyAgreementsForm function| verifyCredentialsForm function| verifyAddAccountsForm function| AddMoreConditions function| changeAccountType function| getCookie object| notification object| hostingerLogo object| newList undefined| mainContent undefined| css undefined| style undefined| sheet undefined| x undefined| y undefined| button undefined| link undefined| h1Tag undefined| paragraph undefined| list undefined| listElements undefined| media1250 undefined| media920 boolean| __cfRLUnblockHandlers string| EnsightenPageName

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			weford.com/	1970-01-20 06:00:04	Name: aff_lnk_cookie Value: weford.com%2Freactivate%2Fverif.php

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://weford.com/reactivate/verif.php Message: Access to font at 'https://weford.com/assets/fonts/mandtbaltoweb-medium.woff' (redirected from 'http://weford.com/assets/fonts/mandtbaltoweb-medium.woff') from origin 'http://weford.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://weford.com/assets/fonts/mandtbaltoweb-medium.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/formInputValidations.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://weford.com/reactivate/Confirm%20Online%20Details%20-%20Verify%20Account%20_%20M&T%20Bank_files/errorMsg.js.download Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: http://weford.com/reactivate/verif.php Message: Access to font at 'https://weford.com/assets/fonts/mandtbaltoweb-book.woff' (redirected from 'http://weford.com/assets/fonts/mandtbaltoweb-book.woff') from origin 'http://weford.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://weford.com/assets/fonts/mandtbaltoweb-book.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nexus.ensighten.com
weford.com
weford.com
2a06:98c1:3120::c
65.9.66.34
1561dd020e51568f135c0e64d38c48055e7647b695c57411029705bb186d8090
15f4eff882aa0a83b27bd9c2e01b32ad17d8d15d1a9e14f2b9fe7a3649c7fa05
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ba8ec4721f57f16ecbc5217482bb06262356880d805adbcc6c72bbe6623272d
4c7e2cc8c50ab082334a9d91a8e42018086791fe8170a050628db9c364467d1a
5d20a0079750e45abe7ab6e246703d1666ba7065e62a0767b16735684f16702e
5f5b0d9f678fe446631a33a4cbbe891a01b0ed972143702e67ae6617367096ac
769863c01a0190c250b1528bc75a294a42641b8370661e8024055ae860eb7e30
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
946b0d2f109d2189105070fbb175fa78e00582d6c68413fdc05ae938060162b1
ab8d923e60dceb37d3b0327383e0e81a84522dbb961df642d5b4bb62ead7a062
ad68c8c7e80948313b864c7f1f78556234fe7d5fc778337a7bf0db2efd0c7468
b2ef3bd17aa6bc2daa7b1209f7848b30c64f3068e43162b09a216639ab430ce5
c2fd75f2108f81f0dc5f2165197fb7305085c2983b36062d25afb5da7c4f190b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d58eb2802f72d0c6b1d944a1335e8fb914af44b51fe16097aad994c15b8cfbad
daf0b6123dc20d15f0465dd3e0396dbd07084842d6c677797a843c540cf2649a
ecb5cd10a64742b3616a5b9c0cb470127edb286231f57008ee3150bb54251695